diff --git a/include/maat.h b/include/maat.h index 673f5bf..c240d72 100644 --- a/include/maat.h +++ b/include/maat.h @@ -165,40 +165,40 @@ struct maat_state; */ int maat_scan_flag(struct maat *instance, int table_id, int thread_id, long long flag, long long *results, size_t n_result, - size_t *n_hit_result, struct maat_state **state); + size_t *n_hit_result, struct maat_state *state); int maat_scan_integer(struct maat *instance, int table_id, int thread_id, long long integer, long long *results, size_t n_result, - size_t *n_hit_result, struct maat_state **state); + size_t *n_hit_result, struct maat_state *state); int maat_scan_ipv4(struct maat *instance, int table_id, int thread_id, uint32_t ip_addr, long long *results, size_t n_result, - size_t *n_hit_result, struct maat_state **state); + size_t *n_hit_result, struct maat_state *state); int maat_scan_ipv4_tuple4(struct maat *instance, int table_id, int thread_id, const struct ipv4_tuple *tuple, long long *results, size_t n_result, size_t *n_hit_result, - struct maat_state **state); + struct maat_state *state); int maat_scan_ipv6(struct maat *instance, int table_id, int thread_id, uint8_t *ip_addr, long long *results, size_t n_result, - size_t *n_hit_result, struct maat_state **state); + size_t *n_hit_result, struct maat_state *state); int maat_scan_ipv6_tuple4(struct maat *instance, int table_id, int thread_id, const struct ipv6_tuple *tuple, long long *results, size_t n_result, size_t *n_hit_result, - struct maat_state **state); + struct maat_state *state); int maat_scan_string(struct maat *instance, int table_id, int thread_id, const char *data, size_t data_len, long long *results, size_t n_result, size_t *n_hit_result, - struct maat_state **state); + struct maat_state *state); struct maat_stream; struct maat_stream *maat_scan_stream_open(struct maat *instance, int table_id, int thread_id); int maat_scan_stream(struct maat_stream **stream, const char *data, int data_len, long long *results, size_t n_result, size_t *n_hit_result, - struct maat_state **state); + struct maat_state *state); void maat_scan_stream_close(struct maat_stream **stream); @@ -207,21 +207,20 @@ struct maat_state *maat_state_new(struct maat *instance, int thread_id); void maat_state_reset(struct maat_state *state); -void maat_state_free(struct maat_state **state); +void maat_state_free(struct maat_state *state); -int maat_state_set_scan_district(struct maat *instance, struct maat_state **state, - const char *district, size_t district_len); +int maat_state_set_scan_district(struct maat_state *state, const char *district, + size_t district_len); -int maat_state_set_last_scan(struct maat *maat_instance, struct maat_state **state); +int maat_state_set_last_scan(struct maat_state *state); -int maat_state_set_scan_compile_table(struct maat *maat_instance, struct maat_state **state, - int compile_table_id); +int maat_state_set_scan_compile_table(struct maat_state *state, int compile_table_id); -int maat_state_get_hit_paths(struct maat *instance, struct maat_state **state, - struct maat_hit_path *paths, size_t n_path); +int maat_state_get_hit_paths(struct maat_state *state, struct maat_hit_path *paths, + size_t n_path); -int maat_state_get_hit_objects(struct maat *instance, struct maat_state **state, - struct maat_hit_object *objs, size_t n_obj); +int maat_state_get_hit_objects(struct maat_state *state, struct maat_hit_object *objs, + size_t n_obj); /* return hit object compile_id */ int maat_hit_object_compile_id(struct maat *instance, struct maat_hit_object *obj); diff --git a/scanner/adapter_hs/adapter_hs.cpp b/scanner/adapter_hs/adapter_hs.cpp index 12f9566..2b8a8ca 100644 --- a/scanner/adapter_hs/adapter_hs.cpp +++ b/scanner/adapter_hs/adapter_hs.cpp @@ -810,16 +810,19 @@ int adapter_hs_scan_stream(struct adapter_hs_stream *hs_stream, const char *data return 0; } - if (n_item > MAX_SCANNER_HIT_ITEM_NUM) { - n_item = MAX_SCANNER_HIT_ITEM_NUM; + if (n_item > MAX_SCANNER_HIT_PATTERN_NUM) { + n_item = MAX_SCANNER_HIT_PATTERN_NUM; } - unsigned long long item_ids[MAX_SCANNER_HIT_ITEM_NUM]; - memset(item_ids, 0, sizeof(unsigned long long) * MAX_SCANNER_HIT_ITEM_NUM); + unsigned long long item_ids[MAX_SCANNER_HIT_PATTERN_NUM]; + memset(item_ids, 0, sizeof(unsigned long long) * MAX_SCANNER_HIT_PATTERN_NUM); int i = 0; struct matched_pattern *pat = NULL, *tmp_pat = NULL; HASH_ITER(hh, hs_stream->matched_pat_container.pat_hash, pat, tmp_pat) { + if (i >= MAX_SCANNER_HIT_PATTERN_NUM) { + break; + } item_ids[i++] = pat->pattern_id; } qsort(item_ids, n_item, sizeof(unsigned long long), cmp_ull_p); diff --git a/src/inc_internal/maat_compile.h b/src/inc_internal/maat_compile.h index 633c196..7d96213 100644 --- a/src/inc_internal/maat_compile.h +++ b/src/inc_internal/maat_compile.h @@ -83,6 +83,7 @@ int group2compile_runtime_update(void *g2c_runtime, void *g2c_schema, /* maat compile state API */ struct maat_compile_state; struct maat_compile_state *maat_compile_state_new(int thread_id); +void maat_compile_state_reset(struct maat_compile_state *compile_state); void maat_compile_state_free(struct maat_compile_state *compile_state); int maat_compile_state_update(struct rcu_hash_table *item_htable, int vtable_id, diff --git a/src/inc_internal/maat_rule.h b/src/inc_internal/maat_rule.h index b36e250..44d2f73 100644 --- a/src/inc_internal/maat_rule.h +++ b/src/inc_internal/maat_rule.h @@ -45,12 +45,6 @@ extern "C" #define mr_region_id_var "SEQUENCE_REGION" #define mr_group_id_var "SEQUENCE_GROUP" -enum last_scan_flag { - LAST_SCAN_UNSET, - LAST_SCAN_SET, - LAST_SCAN_FINISHED -}; - enum tag_match { TAG_MATCH_ERR = -1, TAG_MATCH_UNMATCHED, @@ -223,8 +217,6 @@ struct maat { /* statistics */ long long line_cmd_acc_num; - long long *outer_state_cnt; - long long *compile_state_cnt; long long *thread_call_cnt; long long *hit_cnt; long long *not_grp_hit_cnt; @@ -232,12 +224,23 @@ struct maat { long long scan_err_cnt; }; +enum district_flag { + DISTRICT_FLAG_UNSET, + DISTRICT_FLAG_SET +}; + +enum last_scan_flag { + LAST_SCAN_UNSET, + LAST_SCAN_SET, + LAST_SCAN_FINISHED +}; + struct maat_state { struct maat *maat_instance; - int16_t thread_id; + int thread_id; int compile_table_id; - unsigned char is_set_district; - unsigned char is_last_scan; + enum district_flag is_set_district; + enum last_scan_flag is_last_scan; long long district_id; //-1: Any District; -2: Unkonwn District; int scan_cnt; struct maat_compile_state *compile_state; diff --git a/src/inc_internal/maat_utils.h b/src/inc_internal/maat_utils.h index 145fd65..9212e72 100644 --- a/src/inc_internal/maat_utils.h +++ b/src/inc_internal/maat_utils.h @@ -55,6 +55,7 @@ extern "C" #define MAX_SCANNER_HIT_COMPILE_NUM 4096 #define MAX_SCANNER_HIT_GROUP_NUM 4096 #define MAX_SCANNER_HIT_ITEM_NUM 4096 +#define MAX_SCANNER_HIT_PATTERN_NUM 4096 * 8 enum maat_ip_format { IP_FORMAT_RANGE, diff --git a/src/maat_api.c b/src/maat_api.c index 01cb28c..318d8d1 100644 --- a/src/maat_api.c +++ b/src/maat_api.c @@ -41,11 +41,6 @@ #define MODULE_MAAT_API module_name_str("maat.api") -enum district_set_flag { - DISTRICT_FLAG_UNSET, - DISTRICT_FLAG_SET -}; - struct maat_stream { struct maat *ref_maat_instance; struct adapter_hs_stream *s_handle; //each physical table open one stream @@ -394,8 +389,6 @@ struct maat *maat_new(struct maat_options *opts, const char *table_info_path) maat_instance->default_compile_table_id = table_manager_get_defaut_compile_table_id(maat_instance->tbl_mgr); maat_instance->g2g_table_id = table_manager_get_group2group_table_id(maat_instance->tbl_mgr); - maat_instance->outer_state_cnt = alignment_int64_array_alloc(opts->nr_worker_threads); - maat_instance->compile_state_cnt = alignment_int64_array_alloc(opts->nr_worker_threads); maat_instance->thread_call_cnt = alignment_int64_array_alloc(opts->nr_worker_threads); maat_instance->hit_cnt = alignment_int64_array_alloc(opts->nr_worker_threads); maat_instance->not_grp_hit_cnt = alignment_int64_array_alloc(opts->nr_worker_threads); @@ -928,46 +921,6 @@ int maat_bool_plugin_table_get_ex_data(struct maat *maat_instance, int table_id, return n_hit_ex_data; } -struct maat_state *make_outer_state(struct maat *maat_instance, int thread_id) -{ - struct maat_state *outer_state = NULL; - - outer_state = ALLOC(struct maat_state, 1); - outer_state->maat_instance = maat_instance; - outer_state->district_id = DISTRICT_ANY; - outer_state->thread_id = (signed short)thread_id; - outer_state->compile_table_id = 0; - - return outer_state; -} - -struct maat_state *grab_state(struct maat_state **state, struct maat *maat_instance, - int thread_id) -{ - struct maat_state *mid = *state; - - if (NULL == mid) { - mid = make_outer_state(maat_instance, thread_id); - *state = mid; - //Maat_set_scan_status calls grap_mid() with thread_num=-1. - if (mid->thread_id >= 0) { - alignment_int64_array_add(maat_instance->outer_state_cnt, thread_id, 1); - } - } - - if (mid->thread_id < 0 && thread_id >= 0) { - mid->thread_id = thread_id; - alignment_int64_array_add(maat_instance->outer_state_cnt, thread_id, 1); - } - - if ((thread_id >= 0) && (NULL == mid->compile_state)) { - mid->compile_state = maat_compile_state_new(thread_id); - alignment_int64_array_add(maat_instance->compile_state_cnt, thread_id, 1); - } - - return mid; -} - static inline int scan_status_should_compile_NOT(struct maat_state *state) { if (state && (LAST_SCAN_SET == state->is_last_scan) && state->compile_state @@ -1001,11 +954,11 @@ static int vtable_get_physical_table_id(struct table_manager *tbl_mgr, int table } int flag_scan(struct table_manager *tbl_mgr, int thread_id, long long flag, - int physical_table_id, int vtable_id, struct maat_state *mid) + int physical_table_id, int vtable_id, struct maat_state *state) { enum table_type table_type = table_manager_get_table_type(tbl_mgr, physical_table_id); if ((table_type == TABLE_TYPE_FLAG_PLUS) && - (NULL == mid || DISTRICT_FLAG_UNSET == mid->is_set_district)) { + (NULL == state || DISTRICT_FLAG_UNSET == state->is_set_district)) { return -1; } @@ -1019,7 +972,7 @@ int flag_scan(struct table_manager *tbl_mgr, int thread_id, long long flag, } int group_hit_cnt = flag_runtime_scan((struct flag_runtime *)flag_rt, thread_id, - flag, vtable_id, mid); + flag, vtable_id, state); if (group_hit_cnt < 0) { return -1; } @@ -1032,12 +985,12 @@ int flag_scan(struct table_manager *tbl_mgr, int thread_id, long long flag, } int interval_scan(struct table_manager *tbl_mgr, int thread_id, long long integer, - int physical_table_id, int vtable_id, struct maat_state *mid) + int physical_table_id, int vtable_id, struct maat_state *state) { enum table_type table_type = table_manager_get_table_type(tbl_mgr, physical_table_id); if ((table_type == TABLE_TYPE_INTERVAL_PLUS) && - (NULL == mid || DISTRICT_FLAG_UNSET == mid->is_set_district)) { + (NULL == state || DISTRICT_FLAG_UNSET == state->is_set_district)) { // maat_instance->scan_err_cnt++; return -1; } @@ -1052,7 +1005,7 @@ int interval_scan(struct table_manager *tbl_mgr, int thread_id, long long intege } int group_hit_cnt = interval_runtime_scan((struct interval_runtime *)interval_rt, - thread_id, integer, vtable_id, mid); + thread_id, integer, vtable_id, state); if (group_hit_cnt < 0) { return -1; } @@ -1065,7 +1018,7 @@ int interval_scan(struct table_manager *tbl_mgr, int thread_id, long long intege } int ipv4_scan(struct table_manager *tbl_mgr, int thread_id, uint32_t ip_addr, - int physical_table_id, int vtable_id, struct maat_state *mid) + int physical_table_id, int vtable_id, struct maat_state *state) { enum table_type table_type = table_manager_get_table_type(tbl_mgr, physical_table_id); @@ -1079,7 +1032,7 @@ int ipv4_scan(struct table_manager *tbl_mgr, int thread_id, uint32_t ip_addr, } int group_hit_cnt = ip_runtime_scan((struct ip_runtime *)ip_rt, thread_id, IPv4, - (uint8_t *)&ip_addr, vtable_id, mid); + (uint8_t *)&ip_addr, vtable_id, state); if (group_hit_cnt < 0) { return -1; } @@ -1092,7 +1045,7 @@ int ipv4_scan(struct table_manager *tbl_mgr, int thread_id, uint32_t ip_addr, } int ipv6_scan(struct table_manager *tbl_mgr, int thread_id, uint8_t *ip_addr, - int physical_table_id, int vtable_id, struct maat_state *mid) + int physical_table_id, int vtable_id, struct maat_state *state) { enum table_type table_type = table_manager_get_table_type(tbl_mgr, physical_table_id); @@ -1106,7 +1059,7 @@ int ipv6_scan(struct table_manager *tbl_mgr, int thread_id, uint8_t *ip_addr, } int group_hit_cnt = ip_runtime_scan((struct ip_runtime *)ip_rt, thread_id, IPv6, - ip_addr, vtable_id, mid); + ip_addr, vtable_id, state); if (group_hit_cnt < 0) { return -1; } @@ -1119,11 +1072,11 @@ int ipv6_scan(struct table_manager *tbl_mgr, int thread_id, uint8_t *ip_addr, } int string_scan(struct table_manager *tbl_mgr, int thread_id, const char *data, size_t data_len, - int physical_table_id, int vtable_id, struct maat_state *mid) + int physical_table_id, int vtable_id, struct maat_state *state) { enum table_type table_type = table_manager_get_table_type(tbl_mgr, physical_table_id); if ((table_type == TABLE_TYPE_EXPR_PLUS) && - (NULL == mid || DISTRICT_FLAG_UNSET == mid->is_set_district)) { + (NULL == state || DISTRICT_FLAG_UNSET == state->is_set_district)) { // maat_instance->scan_err_cnt++; return -1; } @@ -1139,7 +1092,7 @@ int string_scan(struct table_manager *tbl_mgr, int thread_id, const char *data, int group_hit_cnt = expr_runtime_scan((struct expr_runtime *)expr_rt, thread_id, data, data_len, - vtable_id, mid); + vtable_id, state); if (group_hit_cnt < 0) { return -1; } @@ -1211,7 +1164,7 @@ size_t group_to_compile(struct maat *maat_instance, long long *results, size_t n int maat_scan_flag(struct maat *maat_instance, int table_id, int thread_id, long long flag, long long *results, size_t n_result, - size_t *n_hit_result, struct maat_state **state) + size_t *n_hit_result, struct maat_state *state) { if ((NULL == maat_instance) || table_id < 0 || table_id >= MAX_TABLE_NUM || (thread_id < 0) || (NULL == results) || (0 == n_result) @@ -1219,9 +1172,7 @@ int maat_scan_flag(struct maat *maat_instance, int table_id, int thread_id, return MAAT_SCAN_ERR; } - struct maat_state *mid = NULL; - mid = grab_state(state, maat_instance, thread_id); - mid->scan_cnt++; + state->scan_cnt++; if (NULL == maat_instance->maat_rt) { log_error(maat_instance->logger, MODULE_MAAT_API, @@ -1253,15 +1204,15 @@ int maat_scan_flag(struct maat *maat_instance, int table_id, int thread_id, alignment_int64_array_add(maat_instance->thread_call_cnt, thread_id, 1); int hit_group_cnt = flag_scan(maat_instance->tbl_mgr, thread_id, flag, - physical_table_id, vtable_id, mid); + physical_table_id, vtable_id, state); if (hit_group_cnt < 0) { return MAAT_SCAN_ERR; } size_t sum_hit_compile_cnt = 0; - if (hit_group_cnt > 0 || scan_status_should_compile_NOT(mid)) { + if (hit_group_cnt > 0 || scan_status_should_compile_NOT(state)) { // come here means group_hit_cnt > 0, at least MAAT_SCAN_HALF_HIT, or MAAT_SCAN_HIT - sum_hit_compile_cnt = group_to_compile(maat_instance, results, n_result, mid); + sum_hit_compile_cnt = group_to_compile(maat_instance, results, n_result, state); *n_hit_result = sum_hit_compile_cnt; } @@ -1286,7 +1237,7 @@ int maat_scan_flag(struct maat *maat_instance, int table_id, int thread_id, int maat_scan_integer(struct maat *maat_instance, int table_id, int thread_id, long long integer, long long *results, size_t n_result, - size_t *n_hit_result, struct maat_state **state) + size_t *n_hit_result, struct maat_state *state) { if ((NULL == maat_instance) || table_id < 0 || table_id >= MAX_TABLE_NUM || (thread_id < 0) || (NULL == results) || (0 == n_result) || @@ -1294,9 +1245,7 @@ int maat_scan_integer(struct maat *maat_instance, int table_id, int thread_id, return MAAT_SCAN_ERR; } - struct maat_state *mid = NULL; - mid = grab_state(state, maat_instance, thread_id); - mid->scan_cnt++; + state->scan_cnt++; if (NULL == maat_instance->maat_rt) { log_error(maat_instance->logger, MODULE_MAAT_API, @@ -1328,15 +1277,15 @@ int maat_scan_integer(struct maat *maat_instance, int table_id, int thread_id, alignment_int64_array_add(maat_instance->thread_call_cnt, thread_id, 1); int hit_group_cnt = interval_scan(maat_instance->tbl_mgr, thread_id, integer, - physical_table_id, vtable_id, mid); + physical_table_id, vtable_id, state); if (hit_group_cnt < 0) { return MAAT_SCAN_ERR; } size_t sum_hit_compile_cnt = 0; - if (hit_group_cnt > 0 || scan_status_should_compile_NOT(mid)) { + if (hit_group_cnt > 0 || scan_status_should_compile_NOT(state)) { // come here means group_hit_cnt > 0, at least MAAT_SCAN_HALF_HIT, or MAAT_SCAN_HIT - sum_hit_compile_cnt = group_to_compile(maat_instance, results, n_result, mid); + sum_hit_compile_cnt = group_to_compile(maat_instance, results, n_result, state); *n_hit_result = sum_hit_compile_cnt; } @@ -1361,7 +1310,7 @@ int maat_scan_integer(struct maat *maat_instance, int table_id, int thread_id, int maat_scan_ipv4(struct maat *maat_instance, int table_id, int thread_id, uint32_t ip_addr, long long *results, size_t n_result, - size_t *n_hit_result, struct maat_state **state) + size_t *n_hit_result, struct maat_state *state) { if ((NULL == maat_instance) || table_id < 0 || table_id >= MAX_TABLE_NUM || (thread_id < 0) || (NULL == results) || (0 == n_result) @@ -1369,9 +1318,7 @@ int maat_scan_ipv4(struct maat *maat_instance, int table_id, int thread_id, return MAAT_SCAN_ERR; } - struct maat_state *mid = NULL; - mid = grab_state(state, maat_instance, thread_id); - mid->scan_cnt++; + state->scan_cnt++; if (NULL == maat_instance->maat_rt) { log_error(maat_instance->logger, MODULE_MAAT_API, @@ -1403,15 +1350,15 @@ int maat_scan_ipv4(struct maat *maat_instance, int table_id, int thread_id, alignment_int64_array_add(maat_instance->thread_call_cnt, thread_id, 1); int hit_group_cnt = ipv4_scan(maat_instance->tbl_mgr, thread_id, ip_addr, - physical_table_id, vtable_id, mid); + physical_table_id, vtable_id, state); if (hit_group_cnt < 0) { return MAAT_SCAN_ERR; } size_t sum_hit_compile_cnt = 0; - if (hit_group_cnt > 0 || scan_status_should_compile_NOT(mid)) { + if (hit_group_cnt > 0 || scan_status_should_compile_NOT(state)) { // come here means group_hit_cnt > 0, at least MAAT_SCAN_HALF_HIT, or MAAT_SCAN_HIT - sum_hit_compile_cnt = group_to_compile(maat_instance, results, n_result, mid); + sum_hit_compile_cnt = group_to_compile(maat_instance, results, n_result, state); *n_hit_result = sum_hit_compile_cnt; } @@ -1437,14 +1384,14 @@ int maat_scan_ipv4(struct maat *maat_instance, int table_id, int thread_id, int maat_scan_ipv4_tuple4(struct maat *instance, int table_id, int thread_id, const struct ipv4_tuple *tuple4, long long *results, size_t n_result, size_t *n_hit_result, - struct maat_state **state) + struct maat_state *state) { return MAAT_SCAN_OK; } int maat_scan_ipv6(struct maat *maat_instance, int table_id, int thread_id, uint8_t *ip_addr, long long *results, size_t n_result, - size_t *n_hit_result, struct maat_state **state) + size_t *n_hit_result, struct maat_state *state) { if ((NULL == maat_instance) || table_id < 0 || table_id >= MAX_TABLE_NUM || (thread_id < 0) || (NULL == ip_addr) || (NULL == results) @@ -1452,9 +1399,7 @@ int maat_scan_ipv6(struct maat *maat_instance, int table_id, int thread_id, return MAAT_SCAN_ERR; } - struct maat_state *mid = NULL; - mid = grab_state(state, maat_instance, thread_id); - mid->scan_cnt++; + state->scan_cnt++; if (NULL == maat_instance->maat_rt) { log_error(maat_instance->logger, MODULE_MAAT_API, @@ -1486,15 +1431,15 @@ int maat_scan_ipv6(struct maat *maat_instance, int table_id, int thread_id, alignment_int64_array_add(maat_instance->thread_call_cnt, thread_id, 1); int hit_group_cnt = ipv6_scan(maat_instance->tbl_mgr, thread_id, ip_addr, - physical_table_id, vtable_id, mid); + physical_table_id, vtable_id, state); if (hit_group_cnt < 0) { return MAAT_SCAN_ERR; } size_t sum_hit_compile_cnt = 0; - if (hit_group_cnt > 0 || scan_status_should_compile_NOT(mid)) { + if (hit_group_cnt > 0 || scan_status_should_compile_NOT(state)) { // come here means group_hit_cnt > 0, at least MAAT_SCAN_HALF_HIT, or MAAT_SCAN_HIT - sum_hit_compile_cnt = group_to_compile(maat_instance, results, n_result, mid); + sum_hit_compile_cnt = group_to_compile(maat_instance, results, n_result, state); *n_hit_result = sum_hit_compile_cnt; } @@ -1520,14 +1465,14 @@ int maat_scan_ipv6(struct maat *maat_instance, int table_id, int thread_id, int maat_scan_ipv6_tuple4(struct maat *instance, int table_id, int thread_id, const struct ipv6_tuple *tuple, long long *results, size_t n_result, size_t *n_hit_result, - struct maat_state **state) + struct maat_state *state) { return MAAT_SCAN_OK; } int maat_scan_string(struct maat *maat_instance, int table_id, int thread_id, const char *data, size_t data_len, long long *results, size_t n_result, - size_t *n_hit_result, struct maat_state **state) + size_t *n_hit_result, struct maat_state *state) { if ((NULL == maat_instance) || table_id < 0 || table_id >= MAX_TABLE_NUM || (thread_id < 0) || (NULL == data) || (0 == data_len) @@ -1535,9 +1480,7 @@ int maat_scan_string(struct maat *maat_instance, int table_id, int thread_id, return MAAT_SCAN_ERR; } - struct maat_state *mid = NULL; - mid = grab_state(state, maat_instance, thread_id); - mid->scan_cnt++; + state->scan_cnt++; if (NULL == maat_instance->maat_rt) { log_error(maat_instance->logger, MODULE_MAAT_API, @@ -1569,15 +1512,15 @@ int maat_scan_string(struct maat *maat_instance, int table_id, int thread_id, alignment_int64_array_add(maat_instance->thread_call_cnt, thread_id, 1); int hit_group_cnt = string_scan(maat_instance->tbl_mgr, thread_id, data, data_len, - physical_table_id, vtable_id, mid); + physical_table_id, vtable_id, state); if (hit_group_cnt < 0) { return MAAT_SCAN_ERR; } size_t sum_hit_compile_cnt = 0; - if (hit_group_cnt > 0 || scan_status_should_compile_NOT(mid)) { + if (hit_group_cnt > 0 || scan_status_should_compile_NOT(state)) { // come here means group_hit_cnt > 0, at least MAAT_SCAN_HALF_HIT, or MAAT_SCAN_HIT - sum_hit_compile_cnt = group_to_compile(maat_instance, results, n_result, mid); + sum_hit_compile_cnt = group_to_compile(maat_instance, results, n_result, state); *n_hit_result = sum_hit_compile_cnt; } @@ -1649,17 +1592,15 @@ error: int maat_scan_stream(struct maat_stream **maat_stream, const char *data, int data_len, long long *results, size_t n_result, size_t *n_hit_result, - struct maat_state **state) + struct maat_state *state) { if ((NULL == maat_stream) || (NULL == data) || (0 == data_len) || (NULL == results) || (0 == n_result) || (NULL == state)) { return MAAT_SCAN_ERR; } + state->scan_cnt++; struct maat_stream *stream = *maat_stream; - struct maat_state *mid = NULL; - mid = grab_state(state, stream->ref_maat_instance, stream->thread_id); - mid->scan_cnt++; int valid_table_id = -1; if (stream->vtable_id != 0) { @@ -1677,15 +1618,15 @@ int maat_scan_stream(struct maat_stream **maat_stream, const char *data, int dat alignment_int64_array_add(stream->ref_maat_instance->thread_call_cnt, stream->thread_id, 1); - int hit_group_cnt = expr_stream_scan(stream, data, data_len, mid); + int hit_group_cnt = expr_stream_scan(stream, data, data_len, state); if (hit_group_cnt < 0) { return MAAT_SCAN_ERR; } size_t sum_hit_compile_cnt = 0; - if (hit_group_cnt > 0 || scan_status_should_compile_NOT(mid)) { + if (hit_group_cnt > 0 || scan_status_should_compile_NOT(state)) { // come here means group_hit_cnt > 0, at least MAAT_SCAN_HALF_HIT, or MAAT_SCAN_HIT - sum_hit_compile_cnt = group_to_compile(stream->ref_maat_instance, results, n_result, mid); + sum_hit_compile_cnt = group_to_compile(stream->ref_maat_instance, results, n_result, state); *n_hit_result = sum_hit_compile_cnt; } @@ -1716,97 +1657,129 @@ void maat_scan_stream_close(struct maat_stream **maat_stream) struct maat_state *maat_state_new(struct maat *maat_instance, int thread_id) { + if (NULL == maat_instance || thread_id < 0) { + return NULL; + } + struct maat_state *state = ALLOC(struct maat_state, 1); state->maat_instance = maat_instance; + state->is_set_district = DISTRICT_FLAG_UNSET; + state->is_last_scan = LAST_SCAN_UNSET; state->district_id = DISTRICT_ANY; - state->thread_id = (signed short)thread_id; + state->thread_id = thread_id; + state->compile_state = maat_compile_state_new(thread_id); return state; } void maat_state_reset(struct maat_state *state) { - -} - -void maat_state_free(struct maat_state **state) -{ - struct maat_state *mid = NULL; - if (NULL == *state) { + if (NULL == state) { return; } - mid = *state; - if (mid->thread_id >= 0) { - alignment_int64_array_add(mid->maat_instance->outer_state_cnt, mid->thread_id, -1); - } + state->compile_table_id = 0; + state->is_set_district = DISTRICT_FLAG_UNSET; + state->is_last_scan = LAST_SCAN_UNSET; + state->district_id = DISTRICT_ANY; + state->scan_cnt = 0; - if (mid->compile_state != NULL) { - maat_compile_state_free(mid->compile_state); - mid->compile_state = NULL; - alignment_int64_array_add(mid->maat_instance->compile_state_cnt, mid->thread_id, -1); - } - - mid->maat_instance = NULL; - free(mid); - *state = NULL; + assert(state->compile_state != NULL); + maat_compile_state_reset(state->compile_state); } -int maat_state_set_scan_district(struct maat *maat_instance, - struct maat_state **state, - const char *district, +void maat_state_free(struct maat_state *state) +{ + if (NULL == state) { + return; + } + + assert(state->compile_state != NULL); + maat_compile_state_free(state->compile_state); + state->compile_state = NULL; + //alignment_int64_array_add(mid->maat_instance->compile_state_cnt, mid->thread_id, -1); + state->maat_instance = NULL; + free(state); +} + +int maat_state_set_scan_district(struct maat_state *state, const char *district, size_t district_len) { - if (NULL == maat_instance->maat_rt || NULL == district || - district_len <= 0) { + if (NULL == state || NULL == district || 0 == district_len) { return -1; } - struct maat_state *mid = grab_state(state, maat_instance, -1); - int ret = table_manager_set_scan_district(maat_instance->tbl_mgr, - district, district_len, - &(mid->district_id)); - if (ret < 0) { - mid->district_id = DISTRICT_UNKNOWN; - } + struct maat *maat_instance = state->maat_instance; + assert(maat_instance != NULL); - mid->is_set_district = DISTRICT_FLAG_SET; - - return 0; -} - -int maat_state_set_last_scan(struct maat *maat_instance, struct maat_state **state) -{ if (NULL == maat_instance->maat_rt) { return -1; } - struct maat_state *mid = grab_state(state, maat_instance, -1); - assert(mid->is_last_scan == LAST_SCAN_UNSET); - mid->is_last_scan = LAST_SCAN_SET; + int ret = table_manager_set_scan_district(maat_instance->tbl_mgr, + district, district_len, + &(state->district_id)); + if (ret < 0) { + state->district_id = DISTRICT_UNKNOWN; + } + + state->is_set_district = DISTRICT_FLAG_SET; return 0; } -int maat_state_set_scan_compile_table(struct maat *maat_instance, struct maat_state **state, - int compile_table_id) +int maat_state_set_last_scan(struct maat_state *state) { - if (NULL == maat_instance->maat_rt || compile_table_id < 0) { + if (NULL == state) { return -1; } - struct maat_state *mid = grab_state(state, maat_instance, -1); - mid->compile_table_id = compile_table_id; + struct maat *maat_instance = state->maat_instance; + assert(maat_instance != NULL); + + if (NULL == maat_instance->maat_rt) { + return -1; + } + + assert(state->is_last_scan == LAST_SCAN_UNSET); + state->is_last_scan = LAST_SCAN_SET; return 0; } -size_t maat_get_hit_paths(struct maat *maat_instance, struct maat_state *state, - struct maat_hit_path *paths, size_t n_path) +int maat_state_set_scan_compile_table(struct maat_state *state, int compile_table_id) { - int compile_table_id = -1; + if (NULL == state || compile_table_id < 0) { + return -1; + } + struct maat *maat_instance = state->maat_instance; + assert(maat_instance != NULL); + + if (NULL == maat_instance->maat_rt) { + return -1; + } + + state->compile_table_id = compile_table_id; + + return 0; +} + +int maat_state_get_hit_paths(struct maat_state *state, struct maat_hit_path *paths, size_t n_path) +{ + if (NULL == state || NULL == paths || 0 == n_path) { + return -1; + } + + struct maat *maat_instance = state->maat_instance; + assert(maat_instance != NULL); + + if (NULL == maat_instance->maat_rt) { + return -1; + } + + int compile_table_id = -1; if (state->compile_table_id != 0) { compile_table_id = state->compile_table_id; } else { @@ -1831,29 +1804,7 @@ size_t maat_get_hit_paths(struct maat *maat_instance, struct maat_state *state, return (compile_state_hit_path_cnt + new_hit_path_cnt); } -size_t maat_get_hit_objects(struct maat_compile_state *compile_state, - struct maat_hit_object *objs, size_t n_objs) -{ - return 0; -} - -int maat_state_get_hit_paths(struct maat *maat_instance, struct maat_state **state, - struct maat_hit_path *paths, size_t n_path) -{ - struct maat_state *mid = NULL; - - mid = grab_state(state, maat_instance, 0); - if (NULL == mid->compile_state || NULL == maat_instance->maat_rt) { - return 0; - } - - int n_read = maat_get_hit_paths(mid->maat_instance, mid, paths, n_path); - - return n_read; -} - -int maat_state_get_hit_objects(struct maat *instance, struct maat_state **state, - struct maat_hit_object *objs, size_t n_obj) +int maat_state_get_hit_objects(struct maat_state *state, struct maat_hit_object *objs, size_t n_obj) { return 0; } diff --git a/src/maat_compile.c b/src/maat_compile.c index c8829db..62530b4 100644 --- a/src/maat_compile.c +++ b/src/maat_compile.c @@ -136,7 +136,6 @@ struct maat_internal_hit_path { struct maat_compile_state { int thread_id; int Nth_scan; - time_t hier_ver; size_t this_scan_hit_item_cnt; int not_clause_hitted_flag; int is_no_count_scan; @@ -1196,10 +1195,13 @@ static inline int compare_clause_id(const void *a, const void *b) struct maat_compile_state *maat_compile_state_new(int thread_id) { + if (thread_id < 0) { + return NULL; + } + struct maat_compile_state *compile_state = ALLOC(struct maat_compile_state, 1); compile_state->thread_id = thread_id; - //compile_state->hier_ver = hier->version; utarray_new(compile_state->internal_hit_paths, &ut_hit_path_icd); utarray_new(compile_state->all_hit_clauses, &ut_clause_id_icd); utarray_new(compile_state->this_scan_hit_clauses, &ut_clause_id_icd); @@ -1207,8 +1209,29 @@ struct maat_compile_state *maat_compile_state_new(int thread_id) return compile_state; } +void maat_compile_state_reset(struct maat_compile_state *compile_state) +{ + if (NULL == compile_state) { + return; + } + + compile_state->Nth_scan = 0; + compile_state->this_scan_hit_item_cnt = 0; + compile_state->not_clause_hitted_flag = 0; + compile_state->is_no_count_scan = 0; + compile_state->hit_path_cnt = 0; + + utarray_clear(compile_state->internal_hit_paths); + utarray_clear(compile_state->all_hit_clauses); + utarray_clear(compile_state->this_scan_hit_clauses); +} + void maat_compile_state_free(struct maat_compile_state *compile_state) { + if (NULL == compile_state) { + return; + } + utarray_free(compile_state->internal_hit_paths); utarray_free(compile_state->all_hit_clauses); utarray_free(compile_state->this_scan_hit_clauses); diff --git a/src/maat_rule.c b/src/maat_rule.c index a01ce05..be1cdfa 100644 --- a/src/maat_rule.c +++ b/src/maat_rule.c @@ -559,8 +559,6 @@ void *rule_monitor_loop(void *arg) maat_garbage_bin_free(maat_instance->garbage_bin); table_manager_destroy(maat_instance->tbl_mgr); - alignment_int64_array_free(maat_instance->outer_state_cnt); - alignment_int64_array_free(maat_instance->compile_state_cnt); alignment_int64_array_free(maat_instance->thread_call_cnt); alignment_int64_array_free(maat_instance->hit_cnt); alignment_int64_array_free(maat_instance->not_grp_hit_cnt); diff --git a/test/maat_framework_gtest.cpp b/test/maat_framework_gtest.cpp index 7b61ed7..0350166 100644 --- a/test/maat_framework_gtest.cpp +++ b/test/maat_framework_gtest.cpp @@ -318,37 +318,40 @@ TEST_F(MaatFlagScan, basic) { long long scan_data = 9; long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; - int ret = maat_scan_flag(maat_instance, flag_table_id, 0, scan_data, results, - ARRAY_SIZE, &n_hit_result, &state); + int thread_id = 0; + struct maat_state *state = maat_state_new(maat_instance, thread_id); + + int ret = maat_scan_flag(maat_instance, flag_table_id, thread_id, scan_data, results, + ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], 192); struct maat_hit_path hit_path[HIT_PATH_SIZE] = {0}; int n_read = 0; - n_read = maat_state_get_hit_paths(maat_instance, &state, hit_path, HIT_PATH_SIZE); + n_read = maat_state_get_hit_paths(state, hit_path, HIT_PATH_SIZE); EXPECT_NE(n_read, 0); - maat_state_free(&state); + maat_state_reset(state); scan_data = 13; memset(results, 0, sizeof(results)); n_hit_result = 0; - ret = maat_scan_flag(maat_instance, flag_table_id, 0, scan_data, results, - ARRAY_SIZE, &n_hit_result, &state); + ret = maat_scan_flag(maat_instance, flag_table_id, thread_id, scan_data, results, + ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], 192); - maat_state_free(&state); + maat_state_reset(state); scan_data = 6; memset(results, 0, sizeof(results)); n_hit_result = 0; - ret = maat_scan_flag(maat_instance, flag_table_id, 0, scan_data, results, - ARRAY_SIZE, &n_hit_result, &state); + ret = maat_scan_flag(maat_instance, flag_table_id, thread_id, scan_data, results, + ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); EXPECT_EQ(n_hit_result, 0); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } TEST_F(MaatFlagScan, withExprRegion) { @@ -363,26 +366,28 @@ TEST_F(MaatFlagScan, withExprRegion) { long long flag_scan_data = 2; long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; + struct maat_state *state = maat_state_new(maat_instance, thread_id); - int ret = maat_scan_flag(maat_instance, flag_table_id, 0, flag_scan_data, results, - ARRAY_SIZE, &n_hit_result, &state); + int ret = maat_scan_flag(maat_instance, flag_table_id, thread_id, flag_scan_data, results, + ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); EXPECT_EQ(n_hit_result, 0); struct maat_hit_path hit_path[HIT_PATH_SIZE] = {0}; int n_read = 0; - n_read = maat_state_get_hit_paths(maat_instance, &state, hit_path, HIT_PATH_SIZE); + n_read = maat_state_get_hit_paths(state, hit_path, HIT_PATH_SIZE); EXPECT_NE(n_read, 0); const char *expr_scan_data = "hello world"; - ret = maat_scan_string(maat_instance, expr_table_id, 0, expr_scan_data, + ret = maat_scan_string(maat_instance, expr_table_id, thread_id, expr_scan_data, strlen(expr_scan_data), results, ARRAY_SIZE, - &n_hit_result, &state); + &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], 193); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } TEST_F(MaatFlagScan, hitMultiCompile) { @@ -396,26 +401,28 @@ TEST_F(MaatFlagScan, hitMultiCompile) { long long flag_scan_data = 21; long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; + struct maat_state *state = maat_state_new(maat_instance, thread_id); - int ret = maat_scan_flag(maat_instance, flag_table_id, 0, flag_scan_data, results, - ARRAY_SIZE, &n_hit_result, &state); + int ret = maat_scan_flag(maat_instance, flag_table_id, thread_id, flag_scan_data, results, + ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 2); EXPECT_EQ(results[0], 194); EXPECT_EQ(results[1], 192); memset(results, 0, sizeof(results)); - ret = maat_scan_flag(maat_instance, flag_table_id, 0, flag_scan_data, results, - ARRAY_SIZE, &n_hit_result, &state); + ret = maat_scan_flag(maat_instance, flag_table_id, thread_id, flag_scan_data, results, + ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); struct maat_hit_path hit_path[HIT_PATH_SIZE] = {0}; int n_read = 0; - n_read = maat_state_get_hit_paths(maat_instance, &state, hit_path, HIT_PATH_SIZE); + n_read = maat_state_get_hit_paths(state, hit_path, HIT_PATH_SIZE); EXPECT_NE(n_read, 0); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } TEST_F(MaatFlagScan, hitRepeatedCompile) { @@ -425,13 +432,14 @@ TEST_F(MaatFlagScan, hitRepeatedCompile) { int flag_table_id = maat_get_table_id(maat_instance, flag_table_name); long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; + struct maat_state *state = maat_state_new(maat_instance, thread_id); //compile_id:192 flag: 0000 0001 mask: 0000 0011 //scan_data: 0000 1001 or 0000 1101 should hit long long flag_scan_data1 = 9; - int ret = maat_scan_flag(maat_instance, flag_table_id, 0, flag_scan_data1, results, - ARRAY_SIZE, &n_hit_result, &state); + int ret = maat_scan_flag(maat_instance, flag_table_id, thread_id, flag_scan_data1, results, + ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], 192); @@ -441,26 +449,26 @@ TEST_F(MaatFlagScan, hitRepeatedCompile) { //scan_data: 0001 0101 should hit compile192 and compile194 long long flag_scan_data2 = 21; memset(results, 0, sizeof(results)); - ret = maat_scan_flag(maat_instance, flag_table_id, 0, flag_scan_data2, results, - ARRAY_SIZE, &n_hit_result, &state); + ret = maat_scan_flag(maat_instance, flag_table_id, thread_id, flag_scan_data2, results, + ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], 194); memset(results, 0, sizeof(results)); - ret = maat_scan_flag(maat_instance, flag_table_id, 0, flag_scan_data2, results, - ARRAY_SIZE, &n_hit_result, &state); + ret = maat_scan_flag(maat_instance, flag_table_id, thread_id, flag_scan_data2, results, + ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); struct maat_hit_path hit_path[HIT_PATH_SIZE] = {0}; int n_read = 0; - n_read = maat_state_get_hit_paths(maat_instance, &state, hit_path, HIT_PATH_SIZE); + n_read = maat_state_get_hit_paths(state, hit_path, HIT_PATH_SIZE); EXPECT_NE(n_read, 0); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } - TEST_F(MaatFlagScan, FlagPlus) { const char *flag_table_name = "FLAG_PLUS_CONFIG"; const char *region_name = "I love China"; @@ -472,29 +480,32 @@ TEST_F(MaatFlagScan, FlagPlus) { long long scan_data1 = 15; long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; - int ret = maat_scan_flag(maat_instance, flag_table_id, 0, scan_data1, results, - ARRAY_SIZE, &n_hit_result, &state); + int thread_id = 0; + struct maat_state *state = maat_state_new(maat_instance, thread_id); + + int ret = maat_scan_flag(maat_instance, flag_table_id, thread_id, scan_data1, results, + ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_ERR); - ret = maat_state_set_scan_district(maat_instance, &state, region_name, strlen(region_name)); + ret = maat_state_set_scan_district(state, region_name, strlen(region_name)); ASSERT_EQ(ret, 0); - ret = maat_scan_flag(maat_instance, flag_table_id, 0, scan_data1, results, - ARRAY_SIZE, &n_hit_result, &state); + ret = maat_scan_flag(maat_instance, flag_table_id, thread_id, scan_data1, results, + ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], 196); - ret = maat_scan_flag(maat_instance, flag_table_id, 0, scan_data1, results, - ARRAY_SIZE, &n_hit_result, &state); + ret = maat_scan_flag(maat_instance, flag_table_id, thread_id, scan_data1, results, + ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); struct maat_hit_path hit_path[HIT_PATH_SIZE] = {0}; int n_read = 0; - n_read = maat_state_get_hit_paths(maat_instance, &state, hit_path, HIT_PATH_SIZE); + n_read = maat_state_get_hit_paths(state, hit_path, HIT_PATH_SIZE); EXPECT_NE(n_read, 0); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } class MaatStringScan : public testing::Test @@ -548,13 +559,16 @@ TEST_F(MaatStringScan, ScanDataOnlyOneByte) { long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; + struct maat_state *state = maat_state_new(maat_instance, thread_id); const char scan_data = 0x20; - int ret = maat_scan_string(maat_instance, table_id, 0, &scan_data, sizeof(scan_data), - results, ARRAY_SIZE, &n_hit_result, &state); + + int ret = maat_scan_string(maat_instance, table_id, thread_id, &scan_data, sizeof(scan_data), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_OK); EXPECT_EQ(n_hit_result, 0); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } TEST_F(MaatStringScan, Full) { @@ -566,31 +580,36 @@ TEST_F(MaatStringScan, Full) { long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; + struct maat_state *state = maat_state_new(maat_instance, thread_id); const char *scan_data = "http://www.cyberessays.com/search_results.php?action=search&query=username,abckkk,1234567"; - int ret = maat_scan_string(maat_instance, table_id, 0, scan_data, strlen(scan_data), - results, ARRAY_SIZE, &n_hit_result, &state); + + int ret = maat_scan_string(maat_instance, table_id, thread_id, scan_data, strlen(scan_data), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], 125); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } TEST_F(MaatStringScan, Regex) { int ret = 0; long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; const char *cookie = "Cookie: Txa123aheadBCAxd"; const char *table_name = "HTTP_URL"; struct maat *maat_instance = MaatStringScan::_shared_maat_instance; + struct maat_state *state = maat_state_new(maat_instance, thread_id); int table_id = maat_get_table_id(maat_instance, table_name); - ret = maat_scan_string(maat_instance, table_id, 0, cookie, strlen(cookie), - results, ARRAY_SIZE, &n_hit_result, &state); + ret = maat_scan_string(maat_instance, table_id, thread_id, cookie, strlen(cookie), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(results[0], 146); - maat_state_free(&state); + maat_state_free(state); + state = NULL; //TODO: #if 0 size_t i = 0; @@ -618,42 +637,45 @@ TEST_F(MaatStringScan, Regex) { TEST_F(MaatStringScan, ExprPlus) { long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; const char *region_name1 ="HTTP URL"; const char *region_name2 ="我的diStricT"; const char *scan_data1 = "http://www.cyberessays.com/search_results.php?action=search&query=abckkk,1234567"; const char *scan_data2 = "Addis Sapphire Hotel"; const char *table_name = "HTTP_SIGNATURE"; struct maat *maat_instance = MaatStringScan::_shared_maat_instance; + struct maat_state *state = maat_state_new(maat_instance, thread_id); int table_id = maat_get_table_id(maat_instance, table_name); - int ret = maat_scan_string(maat_instance, table_id, 0, scan_data1, strlen(scan_data1), - results, ARRAY_SIZE, &n_hit_result, &state); + int ret = maat_scan_string(maat_instance, table_id, thread_id, scan_data1, strlen(scan_data1), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_ERR);//Should return error for district not setting. - ret = maat_state_set_scan_district(maat_instance, &state, region_name1, strlen(region_name1)); + ret = maat_state_set_scan_district(state, region_name1, strlen(region_name1)); ASSERT_EQ(ret, 0); - ret = maat_scan_string(maat_instance, table_id, 0, scan_data1, strlen(scan_data1), - results, ARRAY_SIZE, &n_hit_result, &state); + ret = maat_scan_string(maat_instance, table_id, thread_id, scan_data1, strlen(scan_data1), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(results[0], 128); - maat_state_free(&state); + maat_state_reset(state); - ret = maat_state_set_scan_district(maat_instance, &state, region_name2, strlen(region_name2)); + ret = maat_state_set_scan_district(state, region_name2, strlen(region_name2)); ASSERT_EQ(ret, 0); - ret = maat_scan_string(maat_instance, table_id, 0, scan_data2, strlen(scan_data2), - results, ARRAY_SIZE, &n_hit_result, &state); + ret = maat_scan_string(maat_instance, table_id, thread_id, scan_data2, strlen(scan_data2), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(results[0], 190); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } TEST_F(MaatStringScan, ExprPlusWithOffset) { long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; struct maat *maat_instance = MaatStringScan::_shared_maat_instance; + struct maat_state *state = maat_state_new(maat_instance, thread_id); const char *region_name = "Payload"; unsigned char udp_payload_not_hit[] = { /* Stun packet */ 0x00, 0x03, 0x00, 0x4a, 0x21, 0x12, 0xa4, 0x42, @@ -685,19 +707,20 @@ TEST_F(MaatStringScan, ExprPlusWithOffset) int table_id = maat_get_table_id(maat_instance, "APP_PAYLOAD"); ASSERT_GT(table_id, 0); - int ret = maat_state_set_scan_district(maat_instance, &state, region_name, strlen(region_name)); + int ret = maat_state_set_scan_district(state, region_name, strlen(region_name)); EXPECT_EQ(ret, 0); - ret = maat_scan_string(maat_instance, table_id, 0, (char*)udp_payload_not_hit, sizeof(udp_payload_not_hit), - results, ARRAY_SIZE, &n_hit_result, &state); + ret = maat_scan_string(maat_instance, table_id, thread_id, (char*)udp_payload_not_hit, sizeof(udp_payload_not_hit), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_OK); - ret = maat_scan_string(maat_instance, table_id, 0, (char*)udp_payload_hit, sizeof(udp_payload_hit), - results, ARRAY_SIZE, &n_hit_result, &state); + ret = maat_scan_string(maat_instance, table_id, thread_id, (char*)udp_payload_hit, sizeof(udp_payload_hit), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(results[0], 148); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } #if 0 TEST_F(MaatStringScan, ExprPlusWithHex) { @@ -737,8 +760,9 @@ TEST_F(MaatStringScan, ExprPlusWithHex) { TEST_F(MaatStringScan, ExprAndExprPlus) { long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; struct maat *maat_instance = MaatStringScan::_shared_maat_instance; + struct maat_state *state = maat_state_new(maat_instance, thread_id); const char *expr_table_name = "HTTP_URL"; const char *expr_plus_table_name = "HTTP_SIGNATURE"; const char *region_name = "I love China"; @@ -747,28 +771,30 @@ TEST_F(MaatStringScan, ExprAndExprPlus) { int expr_table_id = maat_get_table_id(maat_instance, expr_table_name); int expr_plus_table_id = maat_get_table_id(maat_instance, expr_plus_table_name); - int ret = maat_scan_string(maat_instance, expr_plus_table_id, 0, scan_data, strlen(scan_data), - results, ARRAY_SIZE, &n_hit_result, &state); + int ret = maat_scan_string(maat_instance, expr_plus_table_id, thread_id, scan_data, strlen(scan_data), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_ERR); - ret = maat_state_set_scan_district(maat_instance, &state, region_name, strlen(region_name)); + ret = maat_state_set_scan_district(state, region_name, strlen(region_name)); ASSERT_EQ(ret, 0); - ret = maat_scan_string(maat_instance, expr_plus_table_id, 0, scan_data, strlen(scan_data), - results, ARRAY_SIZE, &n_hit_result, &state); + ret = maat_scan_string(maat_instance, expr_plus_table_id, thread_id, scan_data, strlen(scan_data), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); - ret = maat_scan_string(maat_instance, expr_table_id, 0, scan_data, strlen(scan_data), - results, ARRAY_SIZE, &n_hit_result, &state); + ret = maat_scan_string(maat_instance, expr_table_id, thread_id, scan_data, strlen(scan_data), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(results[0], 195); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } #if 0 TEST_F(MaatStringScan, ShouldNotHitExprPlus) { long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; struct maat *maat_instance = MaatStringScan::_shared_maat_instance; + struct maat_state *state = maat_state_new(maat_instance, thread_id); const char *region_name = "tcp.payload"; unsigned char udp_payload_not_hit[] = { /* Stun packet */ 0x00, 0x03, 0x00, 0x4a, 0x21, 0x12, 0xa4, 0x42, @@ -787,35 +813,38 @@ TEST_F(MaatStringScan, ShouldNotHitExprPlus) { int table_id = maat_get_table_id(maat_instance, "APP_PAYLOAD"); ASSERT_GT(table_id, 0); - int ret = maat_state_set_scan_district(maat_instance, &state, region_name, strlen(region_name)); + int ret = maat_state_set_scan_district(state, region_name, strlen(region_name)); ASSERT_EQ(ret, 0); - ret = maat_scan_string(maat_instance, table_id, 0, (char *)udp_payload_not_hit, sizeof(udp_payload_not_hit), - results, ARRAY_SIZE, &n_hit_result, &state); + ret = maat_scan_string(maat_instance, table_id, thread_id, (char *)udp_payload_not_hit, sizeof(udp_payload_not_hit), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } #endif TEST_F(MaatStringScan, Expr8) { const char *table_name = "KEYWORDS_TABLE"; + int thread_id = 0; struct maat *maat_instance = MaatStringScan::_shared_maat_instance; - + struct maat_state *state = maat_state_new(maat_instance, thread_id); int table_id = maat_get_table_id(maat_instance, table_name); char scan_data[128] = "string1, string2, string3, string4, string5, string6, string7, string8"; long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; - int ret = maat_scan_string(maat_instance, table_id, 0, scan_data, strlen(scan_data), - results, ARRAY_SIZE, &n_hit_result, &state); + + int ret = maat_scan_string(maat_instance, table_id, thread_id, scan_data, strlen(scan_data), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], 182); struct maat_hit_path hit_path[HIT_PATH_SIZE] = {0}; int n_read = 0; - n_read = maat_state_get_hit_paths(maat_instance, &state, hit_path, HIT_PATH_SIZE); + n_read = maat_state_get_hit_paths(state, hit_path, HIT_PATH_SIZE); EXPECT_NE(n_read, 0); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } TEST_F(MaatStringScan, HexBinCaseSensitive) { @@ -823,24 +852,25 @@ TEST_F(MaatStringScan, HexBinCaseSensitive) { const char *scan_data1 = "String TeST should not hit."; const char *scan_data2 = "String TEST should hit"; struct maat *maat_instance = MaatStringScan::_shared_maat_instance; + int thread_id = 0; int table_id = maat_get_table_id(maat_instance, table_name); ASSERT_GT(table_id, 0); long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; - int ret = maat_scan_string(maat_instance, table_id, 0, scan_data1, strlen(scan_data1), - results, ARRAY_SIZE, &n_hit_result, &state); + struct maat_state *state = maat_state_new(maat_instance, thread_id); + int ret = maat_scan_string(maat_instance, table_id, thread_id, scan_data1, strlen(scan_data1), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_OK); - maat_state_free(&state); + maat_state_reset(state); - ret = maat_scan_string(maat_instance, table_id, 0, scan_data2, strlen(scan_data2), - results, ARRAY_SIZE, &n_hit_result, &state); + ret = maat_scan_string(maat_instance, table_id, thread_id, scan_data2, strlen(scan_data2), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], 191); - maat_state_free(&state); + maat_state_free(state); } TEST_F(MaatStringScan, BugReport20190325) { @@ -864,19 +894,21 @@ TEST_F(MaatStringScan, BugReport20190325) { 0x00}; const char *table_name = "TROJAN_PAYLOAD"; struct maat *maat_instance = MaatStringScan::_shared_maat_instance; + int thread_id = 0; int table_id = maat_get_table_id(maat_instance, table_name); ASSERT_GT(table_id, 0); long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; - int ret = maat_scan_string(maat_instance, table_id, 0, (char *)scan_data, sizeof(scan_data), - results, ARRAY_SIZE, &n_hit_result, &state); + struct maat_state *state = maat_state_new(maat_instance, thread_id); + int ret = maat_scan_string(maat_instance, table_id, thread_id, (char *)scan_data, sizeof(scan_data), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], 150); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } #if 0 TEST_F(MaatStringScan, PrefixAndSuffix) { @@ -886,6 +918,7 @@ TEST_F(MaatStringScan, PrefixAndSuffix) { const char *cont_sz_table_name = "CONTENT_SIZE"; const char *mail_addr_table_name = "MAIL_ADDR"; struct maat *maat_instance = MaatStringScan::_shared_maat_instance; + int thread_id = 0; int cont_sz_table_id = maat_get_table_id(maat_instance, cont_sz_table_name); ASSERT_GT(cont_sz_table_id, 0); @@ -895,32 +928,33 @@ TEST_F(MaatStringScan, PrefixAndSuffix) { long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; - int ret = maat_scan_integer(maat_instance, cont_sz_table_id, 0, 2015, results, - ARRAY_SIZE, &n_hit_result, &state); + struct maat_state *state = maat_state_new(maat_instance, thread_id); + int ret = maat_scan_integer(maat_instance, cont_sz_table_id, thread_id, 2015, results, + ARRAY_SIZE, &n_hit_result, state); - ret = maat_scan_string(maat_instance, mail_addr_table_id, 0, hit_twice, strlen(hit_twice), - results, ARRAY_SIZE, &n_hit_result, &state); + ret = maat_scan_string(maat_instance, mail_addr_table_id, thread_id, hit_twice, strlen(hit_twice), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 2); EXPECT_EQ(results[0], 151); EXPECT_EQ(results[1], 152); - maat_state_free(&state); + maat_state_reset(state); - ret = maat_scan_string(maat_instance, mail_addr_table_id, 0, hit_suffix, strlen(hit_suffix), - results, ARRAY_SIZE, &n_hit_result, &state); + ret = maat_scan_string(maat_instance, mail_addr_table_id, thread_id, hit_suffix, strlen(hit_suffix), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], 151); - ret = maat_scan_integer(maat_instance, cont_sz_table_id, 0, 2015, results, - ARRAY_SIZE, &n_hit_result, &state); - ret = maat_scan_string(maat_instance, mail_addr_table_id, 0, hit_prefix, strlen(hit_prefix), - results, ARRAY_SIZE, &n_hit_result, &state); + ret = maat_scan_integer(maat_instance, cont_sz_table_id, thread_id, 2015, results, + ARRAY_SIZE, &n_hit_result, state); + ret = maat_scan_string(maat_instance, mail_addr_table_id, thread_id, hit_prefix, strlen(hit_prefix), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], 152); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } #endif #if 0 @@ -928,19 +962,21 @@ TEST_F(MaatStringScan, MaatUnescape) { const char *scan_data = "Batman\\:Take me Home.Superman/:Fine,stay with me."; const char *table_name = "KEYWORDS_TABLE"; struct maat *maat_instance = MaatStringScan::_shared_maat_instance; + int thread_id = 0; int table_id = maat_get_table_id(maat_instance, table_name); ASSERT_GT(table_id, 0); long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; - int ret = maat_scan_string(maat_instance, table_id, 0, scan_data, strlen(scan_data), - results, ARRAY_SIZE, &n_hit_result, &state); + struct maat_state *state = maat_state_new(maat_instance, thread_id); + int ret = maat_scan_string(maat_instance, table_id, thread_id, scan_data, strlen(scan_data), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], 132); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } #endif #if 0 @@ -949,26 +985,28 @@ TEST_F(MaatStringScan, RegexWithNotContains) { const char *should_hit_scan_data = "fakesina.com/rain/a/TWF2021042600418000"; const char *table_name = "HTTP_URL"; struct maat *maat_instance = MaatStringScan::_shared_maat_instance; + int thread_id = 0; int table_id = maat_get_table_id(maat_instance, table_name); ASSERT_GT(table_id, 0); long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; - int ret = maat_scan_string(maat_instance, table_id, 0, should_NOT_hit_scan_data, - strlen(should_NOT_hit_scan_data), results, ARRAY_SIZE, - &n_hit_result, &state); - EXPECT_EQ(ret, MAAT_SCAN_OK); - maat_state_free(&state); + struct maat_state *state = maat_state_new(maat_instance, thread_id); - ret = maat_scan_string(maat_instance, table_id, 0, should_hit_scan_data, + int ret = maat_scan_string(maat_instance, table_id, thread_id, should_NOT_hit_scan_data, + strlen(should_NOT_hit_scan_data), results, ARRAY_SIZE, + &n_hit_result, state); + EXPECT_EQ(ret, MAAT_SCAN_OK); + maat_state_reset(state); + + ret = maat_scan_string(maat_instance, table_id, thread_id, should_hit_scan_data, strlen(should_hit_scan_data), results, ARRAY_SIZE, - &n_hit_result, &state); + &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], 183); - maat_state_free(&state); + maat_state_free(state); } #endif TEST_F(MaatStringScan, OffsetChunk64) { @@ -976,8 +1014,9 @@ TEST_F(MaatStringScan, OffsetChunk64) { const char *file_name = "./testdata/mesa_logo.jpg"; long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; struct maat *maat_instance = MaatStringScan::_shared_maat_instance; + struct maat_state *state = maat_state_new(maat_instance, thread_id); FILE *fp = fopen(file_name, "r"); ASSERT_FALSE(fp==NULL); @@ -986,7 +1025,7 @@ TEST_F(MaatStringScan, OffsetChunk64) { int table_id = maat_get_table_id(maat_instance, table_name); ASSERT_GT(table_id, 0); - struct maat_stream *sp = maat_scan_stream_open(maat_instance, table_id, 0); + struct maat_stream *sp = maat_scan_stream_open(maat_instance, table_id, thread_id); ASSERT_TRUE(sp != NULL); int ret = 0; @@ -995,7 +1034,7 @@ TEST_F(MaatStringScan, OffsetChunk64) { while (0 == feof(fp)) { read_size = fread(scan_data, 1, sizeof(scan_data), fp); ret = maat_scan_stream(&sp, scan_data, read_size, - results, ARRAY_SIZE, &n_hit_result, &state); + results, ARRAY_SIZE, &n_hit_result, state); if (ret > 0) { pass_flag = 1; break; @@ -1005,7 +1044,8 @@ TEST_F(MaatStringScan, OffsetChunk64) { EXPECT_EQ(results[0], 136); maat_scan_stream_close(&sp); fclose(fp); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } TEST_F(MaatStringScan, OffsetChunk1460) { @@ -1013,8 +1053,9 @@ TEST_F(MaatStringScan, OffsetChunk1460) { const char *file_name = "./testdata/mesa_logo.jpg"; long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; struct maat *maat_instance = MaatStringScan::_shared_maat_instance; + struct maat_state *state = maat_state_new(maat_instance, thread_id); FILE *fp = fopen(file_name, "r"); ASSERT_FALSE(fp==NULL); @@ -1023,7 +1064,7 @@ TEST_F(MaatStringScan, OffsetChunk1460) { int table_id = maat_get_table_id(maat_instance, table_name); ASSERT_GT(table_id, 0); - struct maat_stream *sp = maat_scan_stream_open(maat_instance, table_id, 0); + struct maat_stream *sp = maat_scan_stream_open(maat_instance, table_id, thread_id); ASSERT_TRUE(sp != NULL); int ret = 0; @@ -1032,7 +1073,7 @@ TEST_F(MaatStringScan, OffsetChunk1460) { while (0 == feof(fp)) { read_size = fread(scan_data, 1, sizeof(scan_data), fp); ret = maat_scan_stream(&sp, scan_data, read_size, - results, ARRAY_SIZE, &n_hit_result, &state); + results, ARRAY_SIZE, &n_hit_result, state); if (ret > 0) { pass_flag = 1; break; @@ -1042,34 +1083,37 @@ TEST_F(MaatStringScan, OffsetChunk1460) { EXPECT_EQ(results[0], 136); maat_scan_stream_close(&sp); fclose(fp); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } TEST_F(MaatStringScan, StreamInput) { long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; struct maat *maat_instance = MaatStringScan::_shared_maat_instance; + struct maat_state *state = maat_state_new(maat_instance, thread_id); const char *scan_data = "http://www.cyberessays.com/search_results.php?action=search&query=yulingjing,abckkk,1234567"; const char *table_name = "HTTP_URL"; int table_id = maat_get_table_id(maat_instance, table_name); ASSERT_GT(table_id, 0); - struct maat_stream *sp = maat_scan_stream_open(maat_instance, table_id, 0); + struct maat_stream *sp = maat_scan_stream_open(maat_instance, table_id, thread_id); ASSERT_TRUE(sp != NULL); int ret = maat_scan_stream(&sp, "www.cyberessays.com", strlen("www.cyberessays.com"), - results, ARRAY_SIZE, &n_hit_result, &state); + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_OK); ret = maat_scan_stream(&sp, scan_data, strlen(scan_data), results, ARRAY_SIZE, - &n_hit_result, &state); + &n_hit_result, state); maat_scan_stream_close(&sp); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(results[0], 125); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } TEST_F(MaatStringScan, dynamic_config) { @@ -1077,15 +1121,16 @@ TEST_F(MaatStringScan, dynamic_config) { char data[128] = "hello world, welcome to maat version4, it's funny."; long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; struct maat *maat_instance = MaatStringScan::_shared_maat_instance; + struct maat_state *state = maat_state_new(maat_instance, thread_id); int table_id = maat_get_table_id(maat_instance, table_name); - int ret = maat_scan_string(maat_instance, table_id, 0, data, strlen(data), results, - ARRAY_SIZE, &n_hit_result, &state); + int ret = maat_scan_string(maat_instance, table_id, thread_id, data, strlen(data), results, + ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); EXPECT_EQ(n_hit_result, 0); - maat_state_free(&state); + maat_state_reset(state); const char *compile_table_name = "COMPILE"; const char *g2c_table_name = "GROUP2COMPILE"; @@ -1110,13 +1155,12 @@ TEST_F(MaatStringScan, dynamic_config) { sleep(WAIT_FOR_EFFECTIVE_S * 2); - state = NULL; - ret = maat_scan_string(maat_instance, table_id, 0, data, strlen(data), results, - ARRAY_SIZE, &n_hit_result, &state); + ret = maat_scan_string(maat_instance, table_id, thread_id, data, strlen(data), results, + ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], compile_id); - maat_state_free(&state); + maat_state_reset(state); /* expr table del line */ ret = expr_table_set_line(maat_instance, table_name, MAAT_OP_DEL, item_id, group_id, @@ -1134,12 +1178,12 @@ TEST_F(MaatStringScan, dynamic_config) { sleep(WAIT_FOR_EFFECTIVE_S * 2); - state = NULL; - ret = maat_scan_string(maat_instance, table_id, 0, data, strlen(data), results, - ARRAY_SIZE, &n_hit_result, &state); + ret = maat_scan_string(maat_instance, table_id, thread_id, data, strlen(data), results, + ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); EXPECT_EQ(n_hit_result, 0); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } class MaatIPScan : public testing::Test @@ -1187,6 +1231,7 @@ struct log_handle *MaatIPScan::logger; TEST_F(MaatIPScan, IPv4) { const char *table_name = "IP_PLUS_CONFIG"; struct maat *maat_instance = MaatIPScan::_shared_maat_instance; + int thread_id = 0; int table_id = maat_get_table_id(maat_instance, table_name); ASSERT_GT(table_id, 0); @@ -1198,18 +1243,20 @@ TEST_F(MaatIPScan, IPv4) { long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; - ret = maat_scan_ipv4(maat_instance, table_id, 0, sip, results, ARRAY_SIZE, - &n_hit_result, &state); + struct maat_state *state = maat_state_new(maat_instance, thread_id); + ret = maat_scan_ipv4(maat_instance, table_id, thread_id, sip, results, ARRAY_SIZE, + &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], 154); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } TEST_F(MaatIPScan, IPv6) { const char *table_name = "IP_PLUS_CONFIG"; struct maat *maat_instance = MaatIPScan::_shared_maat_instance; + int thread_id = 0; int table_id = maat_get_table_id(maat_instance, table_name); char ip_str[32] = "1001:da8:205:1::101"; @@ -1219,19 +1266,21 @@ TEST_F(MaatIPScan, IPv6) { long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; - ret = maat_scan_ipv6(maat_instance, table_id, 0, sip, results, ARRAY_SIZE, - &n_hit_result, &state); + struct maat_state *state = maat_state_new(maat_instance, thread_id); + ret = maat_scan_ipv6(maat_instance, table_id, thread_id, sip, results, ARRAY_SIZE, + &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], 155); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } TEST_F(MaatIPScan, dynamic_config) { const char *table_name = "IP_PLUS_CONFIG"; struct maat *maat_instance = MaatIPScan::_shared_maat_instance; + int thread_id = 0; int table_id = maat_get_table_id(maat_instance, table_name); char ip_str[32] = "100.100.100.100"; @@ -1241,12 +1290,12 @@ TEST_F(MaatIPScan, dynamic_config) { long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; - ret = maat_scan_ipv4(maat_instance, table_id, 0, sip, results, ARRAY_SIZE, - &n_hit_result, &state); + struct maat_state *state = maat_state_new(maat_instance, thread_id); + ret = maat_scan_ipv4(maat_instance, table_id, thread_id, sip, results, ARRAY_SIZE, + &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_OK); EXPECT_EQ(n_hit_result, 0); - maat_state_free(&state); + maat_state_reset(state); const char *compile_table_name = "COMPILE"; const char *g2c_table_name = "GROUP2COMPILE"; @@ -1270,13 +1319,12 @@ TEST_F(MaatIPScan, dynamic_config) { sleep(WAIT_FOR_EFFECTIVE_S * 2); - state = NULL; - ret = maat_scan_ipv4(maat_instance, table_id, 0, sip, results, ARRAY_SIZE, - &n_hit_result, &state); + ret = maat_scan_ipv4(maat_instance, table_id, thread_id, sip, results, ARRAY_SIZE, + &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], compile_id); - maat_state_free(&state); + maat_state_reset(state); /* ip table del line */ ret = ip_table_set_line(maat_instance, table_name, MAAT_OP_DEL, item_id, group_id, @@ -1294,9 +1342,12 @@ TEST_F(MaatIPScan, dynamic_config) { sleep(WAIT_FOR_EFFECTIVE_S * 2); - ret = maat_scan_ipv4(maat_instance, table_id, 0, sip, results, ARRAY_SIZE, - &n_hit_result, &state); + ret = maat_scan_ipv4(maat_instance, table_id, thread_id, sip, results, ARRAY_SIZE, + &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_OK); + + maat_state_free(state); + state = NULL; } class MaatIntervalScan : public testing::Test @@ -1344,46 +1395,50 @@ struct log_handle *MaatIntervalScan::logger; TEST_F(MaatIntervalScan, Pure) { long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; const char *table_name = "CONTENT_SIZE"; struct maat *maat_instance = MaatIntervalScan::_shared_maat_instance; + struct maat_state *state = maat_state_new(maat_instance, thread_id); int table_id = maat_get_table_id(maat_instance, table_name); unsigned int scan_data1 = 2015; - int ret = maat_scan_integer(maat_instance, table_id, 0, scan_data1, results, ARRAY_SIZE, - &n_hit_result, &state); + int ret = maat_scan_integer(maat_instance, table_id, thread_id, scan_data1, results, ARRAY_SIZE, + &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); - maat_state_free(&state); + maat_state_reset(state); unsigned int scan_data2 = 300; - ret = maat_scan_integer(maat_instance, table_id, 0, scan_data2, results, ARRAY_SIZE, - &n_hit_result, &state); + ret = maat_scan_integer(maat_instance, table_id, thread_id, scan_data2, results, ARRAY_SIZE, + &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); EXPECT_EQ(n_hit_result, 0); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } TEST_F(MaatIntervalScan, IntervalPlus) { long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; const char *table_name = "INTERGER_PLUS"; struct maat *maat_instance = MaatIntervalScan::_shared_maat_instance; + struct maat_state *state = maat_state_new(maat_instance, thread_id); int table_id = maat_get_table_id(maat_instance, table_name); const char *district_str = "interval.plus"; - int ret = maat_state_set_scan_district(maat_instance, &state, district_str, strlen(district_str)); + int ret = maat_state_set_scan_district(state, district_str, strlen(district_str)); EXPECT_EQ(ret, 0); unsigned int scan_data1 = 2020; - ret = maat_scan_integer(maat_instance, table_id, 0, scan_data1, results, ARRAY_SIZE, - &n_hit_result, &state); + ret = maat_scan_integer(maat_instance, table_id, thread_id, scan_data1, results, ARRAY_SIZE, + &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], 179); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } class NOTLogic : public testing::Test @@ -1433,27 +1488,29 @@ TEST_F(NOTLogic, OneRegion) { const char *string_should_not_hit = "This string contains both must-contained-string-of-rule-143 and must-not-contained-string-of-rule-143."; long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; const char *table_name = "HTTP_URL"; struct maat *maat_instance = NOTLogic::_shared_maat_instance; + struct maat_state *state = maat_state_new(maat_instance, thread_id); int table_id = maat_get_table_id(maat_instance, table_name); ASSERT_GT(table_id, 0); - maat_state_set_last_scan(maat_instance, &state); - int ret = maat_scan_string(maat_instance, table_id, 0, string_should_hit, strlen(string_should_hit), - results, ARRAY_SIZE, &n_hit_result, &state); + maat_state_set_last_scan(state); + int ret = maat_scan_string(maat_instance, table_id, thread_id, string_should_hit, strlen(string_should_hit), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], 143); - maat_state_free(&state); + maat_state_reset(state); - maat_state_set_last_scan(maat_instance, &state); - ret = maat_scan_string(maat_instance, table_id, 0, string_should_not_hit, strlen(string_should_not_hit), - results, ARRAY_SIZE, &n_hit_result, &state); + maat_state_set_last_scan(state); + ret = maat_scan_string(maat_instance, table_id, thread_id, string_should_not_hit, strlen(string_should_not_hit), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } TEST_F(NOTLogic, ScanNotAtLast) { @@ -1461,26 +1518,28 @@ TEST_F(NOTLogic, ScanNotAtLast) { const char *string_should_not_hit="This string contains both must-contained-string-of-rule-144 and must-not-contained-string-of-rule-144."; long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; const char *hit_table_name = "HTTP_URL"; const char *not_hit_table_name = "KEYWORDS_TABLE"; struct maat *maat_instance = NOTLogic::_shared_maat_instance; + struct maat_state *state = maat_state_new(maat_instance, thread_id); int hit_table_id = maat_get_table_id(maat_instance, hit_table_name); ASSERT_GT(hit_table_id, 0); - int ret = maat_scan_string(maat_instance, hit_table_id, 0, string_should_hit, strlen(string_should_hit), - results, ARRAY_SIZE, &n_hit_result, &state); + int ret = maat_scan_string(maat_instance, hit_table_id, thread_id, string_should_hit, strlen(string_should_hit), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); int not_hit_table_id = maat_get_table_id(maat_instance, not_hit_table_name); ASSERT_GT(not_hit_table_id, 0); - maat_state_set_last_scan(maat_instance, &state); - ret = maat_scan_string(maat_instance, not_hit_table_id, 0, string_should_not_hit, strlen(string_should_not_hit), - results, ARRAY_SIZE, &n_hit_result, &state); + maat_state_set_last_scan(state); + ret = maat_scan_string(maat_instance, not_hit_table_id, thread_id, string_should_not_hit, strlen(string_should_not_hit), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } TEST_F(NOTLogic, ScanIrrelavantAtLast) { @@ -1488,28 +1547,30 @@ TEST_F(NOTLogic, ScanIrrelavantAtLast) { const char *string_irrelevant = "This string contiains nothing to hit."; long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; const char *hit_table_name = "HTTP_URL"; const char *not_hit_table_name = "KEYWORDS_TABLE"; struct maat *maat_instance = NOTLogic::_shared_maat_instance; + struct maat_state *state = maat_state_new(maat_instance, thread_id); int hit_table_id = maat_get_table_id(maat_instance, hit_table_name); ASSERT_GT(hit_table_id, 0); - int ret = maat_scan_string(maat_instance, hit_table_id, 0, string_should_hit, strlen(string_should_hit), - results, ARRAY_SIZE, &n_hit_result, &state); + int ret = maat_scan_string(maat_instance, hit_table_id, thread_id, string_should_hit, strlen(string_should_hit), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); int not_hit_table_id = maat_get_table_id(maat_instance, not_hit_table_name); ASSERT_GT(hit_table_id, 0); - maat_state_set_last_scan(maat_instance, &state); - ret = maat_scan_string(maat_instance, not_hit_table_id, 0, string_irrelevant, strlen(string_irrelevant), - results, ARRAY_SIZE, &n_hit_result, &state); + maat_state_set_last_scan(state); + ret = maat_scan_string(maat_instance, not_hit_table_id, thread_id, string_irrelevant, strlen(string_irrelevant), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], 144); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } TEST_F(NOTLogic, ScanHitAtLastEmptyExpr) { @@ -1517,17 +1578,19 @@ TEST_F(NOTLogic, ScanHitAtLastEmptyExpr) { const char *string_match_no_region = "This string is matched against a empty table."; long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; const char *not_hit_table_name = "HTTP_URL"; const char *hit_table_name = "IP_PLUS_CONFIG"; const char *empty_table_name = "EMPTY_KEYWORD"; struct maat *maat_instance = NOTLogic::_shared_maat_instance; + struct maat_state *state = maat_state_new(maat_instance, thread_id); int not_hit_table_id = maat_get_table_id(maat_instance, not_hit_table_name); ASSERT_GT(not_hit_table_id, 0); - int ret = maat_scan_string(maat_instance, not_hit_table_id, 0, string_should_not_hit, strlen(string_should_not_hit), - results, ARRAY_SIZE, &n_hit_result, &state); + int ret = maat_scan_string(maat_instance, not_hit_table_id, thread_id, + string_should_not_hit, strlen(string_should_not_hit), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_OK); uint32_t sip; @@ -1536,37 +1599,41 @@ TEST_F(NOTLogic, ScanHitAtLastEmptyExpr) { int hit_table_id = maat_get_table_id(maat_instance, hit_table_name); ASSERT_GT(hit_table_id, 0); - ret = maat_scan_ipv4(maat_instance, hit_table_id, 0, sip, - results, ARRAY_SIZE, &n_hit_result, &state); + ret = maat_scan_ipv4(maat_instance, hit_table_id, thread_id, sip, + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); int empty_table_id = maat_get_table_id(maat_instance, empty_table_name); ASSERT_GT(empty_table_id, 0); - maat_state_set_last_scan(maat_instance, &state); - ret = maat_scan_string(maat_instance, empty_table_id, 0, string_match_no_region, strlen(string_match_no_region), - results, ARRAY_SIZE, &n_hit_result, &state); + maat_state_set_last_scan(state); + ret = maat_scan_string(maat_instance, empty_table_id, thread_id, + string_match_no_region, strlen(string_match_no_region), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], 186); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } TEST_F(NOTLogic, ScanHitAtLastEmptyInteger) { const char *string_should_not_hit = "This string should not hit."; long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; const char *not_hit_table_name = "HTTP_URL"; const char *hit_table_name = "IP_PLUS_CONFIG"; const char *empty_table_name = "EMPTY_INTERGER"; struct maat *maat_instance = NOTLogic::_shared_maat_instance; + struct maat_state *state = maat_state_new(maat_instance, thread_id); int not_hit_table_id = maat_get_table_id(maat_instance, not_hit_table_name); ASSERT_GT(not_hit_table_id, 0); - int ret = maat_scan_string(maat_instance, not_hit_table_id, 0, string_should_not_hit, strlen(string_should_not_hit), - results, ARRAY_SIZE, &n_hit_result, &state); + int ret = maat_scan_string(maat_instance, not_hit_table_id, thread_id, + string_should_not_hit, strlen(string_should_not_hit), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_OK); uint32_t sip; @@ -1575,35 +1642,37 @@ TEST_F(NOTLogic, ScanHitAtLastEmptyInteger) { int hit_table_id = maat_get_table_id(maat_instance, hit_table_name); ASSERT_GT(hit_table_id, 0); - ret = maat_scan_ipv4(maat_instance, hit_table_id, 0, sip, - results, ARRAY_SIZE, &n_hit_result, &state); + ret = maat_scan_ipv4(maat_instance, hit_table_id, thread_id, sip, + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); int empty_table_id = maat_get_table_id(maat_instance, empty_table_name); ASSERT_GT(empty_table_id, 0); - maat_state_set_last_scan(maat_instance, &state); - ret = maat_scan_integer(maat_instance, empty_table_id, 0, 2015, - results, ARRAY_SIZE, &n_hit_result, &state); + maat_state_set_last_scan(state); + ret = maat_scan_integer(maat_instance, empty_table_id, thread_id, 2015, + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(results[0], 187); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } TEST_F(NOTLogic, ScanNotIP) { const char *string_should_hit = "This string ONLY contains must-contained-string-of-rule-145."; long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; const char *hit_table_name = "HTTP_URL"; const char *not_hit_table_name = "IP_CONFIG"; struct maat *maat_instance = NOTLogic::_shared_maat_instance; + struct maat_state *state = maat_state_new(maat_instance, thread_id); int hit_table_id = maat_get_table_id(maat_instance, hit_table_name); ASSERT_GT(hit_table_id, 0); - int ret = maat_scan_string(maat_instance, hit_table_id, 0, string_should_hit, strlen(string_should_hit), - results, ARRAY_SIZE, &n_hit_result, &state); + int ret = maat_scan_string(maat_instance, hit_table_id, thread_id, string_should_hit, + strlen(string_should_hit), results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); uint32_t sip; @@ -1612,11 +1681,12 @@ TEST_F(NOTLogic, ScanNotIP) { int not_hit_table_id = maat_get_table_id(maat_instance, not_hit_table_name); ASSERT_GT(not_hit_table_id, 0); - maat_state_set_last_scan(maat_instance, &state); - ret = maat_scan_ipv4(maat_instance, not_hit_table_id, 0, sip, results, ARRAY_SIZE, - &n_hit_result, &state); + maat_state_set_last_scan(state); + ret = maat_scan_ipv4(maat_instance, not_hit_table_id, thread_id, sip, results, ARRAY_SIZE, + &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } void maat_read_entry_start_cb(int update_type, void *u_para) @@ -2255,18 +2325,20 @@ struct log_handle *VirtualTable::logger; TEST_F(VirtualTable, basic) { long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; const char *table_name = "HTTP_RESPONSE_KEYWORDS"; struct maat *maat_instance = VirtualTable::_shared_maat_instance; + struct maat_state *state = maat_state_new(maat_instance, thread_id); int table_id = maat_get_table_id(maat_instance, table_name); char scan_data[128] = "string1, string2, string3, string4, string5, string6, string7, string8"; - int ret = maat_scan_string(maat_instance, table_id, 0, scan_data, strlen(scan_data), - results, ARRAY_SIZE, &n_hit_result, &state); + int ret = maat_scan_string(maat_instance, table_id, thread_id, scan_data, strlen(scan_data), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); EXPECT_EQ(n_hit_result, 0); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } class CompileTable : public testing::Test @@ -2385,59 +2457,62 @@ TEST_F(CompileTable, CompileRuleUpdate) { TEST_F(CompileTable, Conjunction1) { long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; const char *scan_data = "i.ytimg.com/vi/OtCNcustg_I/hqdefault.jpg?sqp=-oaymwEZCNACELwBSFXyq4qpAwsIARUAAIhCGAFwAQ==&rs=AOn4CLDOp_5fHMaCA9XZuJdCRv4DNDorMg"; const char *table_name = "HTTP_URL"; struct maat *maat_instance = CompileTable::_shared_maat_instance; - + struct maat_state *state = maat_state_new(maat_instance, thread_id); int table_id = maat_get_table_id(maat_instance, table_name); ASSERT_GT(table_id, 0); - int ret = maat_scan_string(maat_instance, table_id, 0, scan_data, strlen(scan_data), - results, ARRAY_SIZE, &n_hit_result, &state); + int ret = maat_scan_string(maat_instance, table_id, thread_id, scan_data, strlen(scan_data), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 2); EXPECT_EQ(results[0], 197); EXPECT_EQ(results[1], 141); struct maat_hit_path hit_path[HIT_PATH_SIZE] = {0}; - int n_read = maat_state_get_hit_paths(maat_instance, &state, hit_path, HIT_PATH_SIZE); + int n_read = maat_state_get_hit_paths(state, hit_path, HIT_PATH_SIZE); EXPECT_EQ(n_read, 2); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } TEST_F(CompileTable, Conjunction2) { long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; const char *scan_data = "i.ytimg.com/vi/OtCNcustg_I/hqdefault.jpg?sqp=-oaymwEZCNACELwBSFXyq4qpAwsIARUAAIhCGAFwAQ==&rs=AOn4CLDOp_5fHMaCA9XZuJdCRv4DNDorMg"; const char *table_name = "HTTP_URL"; struct maat *maat_instance = CompileTable::_shared_maat_instance; + struct maat_state *state = maat_state_new(maat_instance, thread_id); int table_id = maat_get_table_id(maat_instance, table_name); ASSERT_GT(table_id, 0); - int ret = maat_scan_string(maat_instance, table_id, 0, scan_data, strlen(scan_data), - results, ARRAY_SIZE, &n_hit_result, &state); + int ret = maat_scan_string(maat_instance, table_id, thread_id, scan_data, strlen(scan_data), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 2); EXPECT_EQ(results[0], 197); EXPECT_EQ(results[1], 141); struct maat_hit_path hit_path[HIT_PATH_SIZE] = {0}; - int n_read = maat_state_get_hit_paths(maat_instance, &state, hit_path, HIT_PATH_SIZE); + int n_read = maat_state_get_hit_paths(state, hit_path, HIT_PATH_SIZE); EXPECT_EQ(n_read, 2); - ret = maat_scan_string(maat_instance, table_id, 0, scan_data, strlen(scan_data), - results, ARRAY_SIZE, &n_hit_result, &state); + ret = maat_scan_string(maat_instance, table_id, thread_id, scan_data, strlen(scan_data), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); memset(hit_path, 0, sizeof(hit_path)); - n_read = maat_state_get_hit_paths(maat_instance, &state, hit_path, HIT_PATH_SIZE); + n_read = maat_state_get_hit_paths(state, hit_path, HIT_PATH_SIZE); EXPECT_EQ(n_read, 4); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } class Policy : public testing::Test @@ -2537,37 +2612,40 @@ TEST_F(Policy, PluginRuleTags2) { TEST_F(Policy, CompileRuleTags) { long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; const char *should_hit = "string bbb should hit"; const char *should_not_hit = "string aaa should not hit"; const char *table_name = "HTTP_URL"; struct maat *maat_instance = Policy::_shared_maat_instance; + struct maat_state *state = maat_state_new(maat_instance, thread_id); int table_id = maat_get_table_id(maat_instance, table_name); ASSERT_GT(table_id, 0); - int ret = maat_scan_string(maat_instance, table_id, 0, should_not_hit, + int ret = maat_scan_string(maat_instance, table_id, thread_id, should_not_hit, strlen(should_not_hit), results, ARRAY_SIZE, - &n_hit_result, &state); + &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); - ret = maat_scan_string(maat_instance, table_id, 0, should_hit, + ret = maat_scan_string(maat_instance, table_id, thread_id, should_hit, strlen(should_hit), results, ARRAY_SIZE, - &n_hit_result, &state); + &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } TEST_F(Policy, CompileEXData) { long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; const char *url = "firewall should hit"; const char *table_name = "HTTP_URL"; const char *compile_table_name = "COMPILE_FIREWALL"; const char *expect_name = "I have a name"; struct maat *maat_instance = Policy::_shared_maat_instance; + struct maat_state *state = maat_state_new(maat_instance, thread_id); int table_id = maat_get_table_id(maat_instance, table_name); int compile_table_id = maat_get_table_id(maat_instance, compile_table_name); @@ -2581,11 +2659,11 @@ TEST_F(Policy, CompileEXData) { ASSERT_TRUE(ret == 0); EXPECT_EQ(ex_data_counter, 1); - ret = maat_state_set_scan_compile_table(maat_instance, &state, compile_table_id); + ret = maat_state_set_scan_compile_table(state, compile_table_id); EXPECT_EQ(ret, 0); - ret = maat_scan_string(maat_instance, table_id, 0, url, strlen(url), - results, ARRAY_SIZE, &n_hit_result, &state); + ret = maat_scan_string(maat_instance, table_id, thread_id, url, strlen(url), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], 198); @@ -2600,7 +2678,8 @@ TEST_F(Policy, CompileEXData) { EXPECT_EQ(strcmp(param->name, expect_name), 0); compile_ex_param_free(compile_table_id, &ex_data, 0, NULL); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } #if 0 TEST_F(Policy, SubGroup) { @@ -2692,11 +2771,12 @@ struct log_handle *TableInfo::logger; TEST_F(TableInfo, Conjunction) { long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; const char *scan_data = "soq is using table conjunction function.http://www.3300av.com/novel/27122.txt"; const char *table_name = "HTTP_URL"; const char *conj_table_name = "HTTP_HOST"; struct maat *maat_instance = TableInfo::_shared_maat_instance; + struct maat_state *state = maat_state_new(maat_instance, thread_id); int table_id = maat_get_table_id(maat_instance, table_name); ASSERT_GT(table_id, 0); @@ -2704,13 +2784,14 @@ TEST_F(TableInfo, Conjunction) { int conj_table_id = maat_get_table_id(maat_instance, conj_table_name); ASSERT_GT(conj_table_id, 0); - int ret = maat_scan_string(maat_instance, conj_table_id, 0, scan_data, strlen(scan_data), - results, ARRAY_SIZE, &n_hit_result, &state); + int ret = maat_scan_string(maat_instance, conj_table_id, thread_id, scan_data, strlen(scan_data), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 2); EXPECT_EQ(results[0], 134); EXPECT_EQ(results[1], 133); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } class MaatFileTest : public testing::Test @@ -2837,11 +2918,12 @@ TEST_F(MaatCmdTest, SetIP) { long long version_before = 0; long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; const char *ip_table_name = "IP_CONFIG"; const char *compile_table_name = "COMPILE"; const char *g2c_table_name = "GROUP2COMPILE"; struct maat *maat_instance = MaatCmdTest::_shared_maat_instance; + struct maat_state *state = maat_state_new(maat_instance, thread_id); /* compile table add line */ long long compile_id = maat_cmd_incrby(maat_instance, "TEST_SEQ", 1); @@ -2873,13 +2955,14 @@ TEST_F(MaatCmdTest, SetIP) { int table_id = maat_get_table_id(maat_instance, ip_table_name); ASSERT_GE(table_id, 0); - ret = maat_scan_ipv4(maat_instance, table_id, 0, sip, results, ARRAY_SIZE, - &n_hit_result, &state); + ret = maat_scan_ipv4(maat_instance, table_id, thread_id, sip, results, ARRAY_SIZE, + &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], compile_id); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } TEST_F(MaatCmdTest, SetExpr) { @@ -2893,8 +2976,9 @@ TEST_F(MaatCmdTest, SetExpr) { long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; struct maat *maat_instance = MaatCmdTest::_shared_maat_instance; + struct maat_state *state = maat_state_new(maat_instance, thread_id); maat_cmd_str_escape(escape_buff1, sizeof(escape_buff1), keywords1); maat_cmd_str_escape(escape_buff2, sizeof(escape_buff2), keywords2); @@ -2911,11 +2995,11 @@ TEST_F(MaatCmdTest, SetExpr) { ASSERT_GT(table_id, 0); memset(results, 0, sizeof(results)); - int ret = maat_scan_string(maat_instance, table_id, 0, scan_data, strlen(scan_data), - results, ARRAY_SIZE, &n_hit_result, &state); + int ret = maat_scan_string(maat_instance, table_id, thread_id, scan_data, strlen(scan_data), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_TRUE(results[0] == compile_id || results[0] == (compile_id - 1)); - maat_state_free(&state); + maat_state_reset(state); ret = compile_table_set_line(maat_instance, "COMPILE", MAAT_OP_DEL, compile_id-1, @@ -2926,19 +3010,20 @@ TEST_F(MaatCmdTest, SetExpr) { EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S); - ret = maat_scan_string(maat_instance, table_id, 0, scan_data, strlen(scan_data), - results, ARRAY_SIZE, &n_hit_result, &state); + ret = maat_scan_string(maat_instance, table_id, thread_id, scan_data, strlen(scan_data), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); - maat_state_free(&state); + maat_state_reset(state); int timeout = 1; compile_id = maat_cmd_incrby(maat_instance, "TEST_SEQ", 1); test_add_expr_command(maat_instance, table_name, compile_id, timeout, keywords); sleep(timeout + 1); - ret = maat_scan_string(maat_instance, table_id, 0, scan_data, strlen(scan_data), - results, ARRAY_SIZE, &n_hit_result, &state); + ret = maat_scan_string(maat_instance, table_id, thread_id, scan_data, strlen(scan_data), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } TEST_F(MaatCmdTest, SetExpr8) { @@ -2954,8 +3039,9 @@ TEST_F(MaatCmdTest, SetExpr8) { long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; + int thread_id = 0; struct maat *maat_instance = MaatCmdTest::_shared_maat_instance; + struct maat_state *state = maat_state_new(maat_instance, thread_id); /* compile table add line */ long long compile_id = maat_cmd_incrby(maat_instance, "TEST_SEQ", 1); @@ -2979,12 +3065,12 @@ TEST_F(MaatCmdTest, SetExpr8) { int table_id = maat_get_table_id(maat_instance, table_name); ASSERT_GT(table_id, 0); - ret = maat_scan_string(maat_instance, table_id, 0, scan_data8, strlen(scan_data8), - results, ARRAY_SIZE, &n_hit_result, &state); + ret = maat_scan_string(maat_instance, table_id, thread_id, scan_data8, strlen(scan_data8), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], compile_id); - maat_state_free(&state); + maat_state_reset(state); ret = expr_table_set_line(maat_instance, table_name, MAAT_OP_DEL, item_id, group_id, keywords8, NULL, 1, 0, 0, 0); @@ -2996,12 +3082,13 @@ TEST_F(MaatCmdTest, SetExpr8) { sleep(WAIT_FOR_EFFECTIVE_S); memset(&results, 0, sizeof(results)); - ret = maat_scan_string(maat_instance, table_id, 0, scan_data7, strlen(scan_data7), - results, ARRAY_SIZE, &n_hit_result, &state); + ret = maat_scan_string(maat_instance, table_id, thread_id, scan_data7, strlen(scan_data7), + results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], compile_id); - maat_state_free(&state); + maat_state_free(state); + state = NULL; } struct user_info { diff --git a/test/maat_input_mode_gtest.cpp b/test/maat_input_mode_gtest.cpp index 025c30a..f90dce8 100644 --- a/test/maat_input_mode_gtest.cpp +++ b/test/maat_input_mode_gtest.cpp @@ -43,9 +43,10 @@ TEST(json_mode, maat_scan_string) { char scan_data[128] = "string1, string2, string3, string4, string5, string6, string7, string8"; long long results[5] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; - int ret = maat_scan_string(maat_instance, table_id, 0, scan_data, strlen(scan_data), - results, sizeof(results), &n_hit_result, &state); + int thread_id = 0; + struct maat_state *state = maat_state_new(maat_instance, thread_id); + int ret = maat_scan_string(maat_instance, table_id, thread_id, scan_data, strlen(scan_data), + results, sizeof(results), &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], 182); @@ -58,7 +59,8 @@ TEST(json_mode, maat_scan_string) { EXPECT_EQ(clause_id, 2); maat_options_free(opts); - maat_state_free(&state); + maat_state_free(state); + state = NULL; maat_free(maat_instance); } @@ -97,15 +99,17 @@ TEST(iris_mode, maat_scan_string) { char scan_data[128] = "string1, string2, string3, string4, string5, string6, string7, string8"; long long results[5] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; - int ret = maat_scan_string(maat_instance, table_id, 0, scan_data, strlen(scan_data), - results, sizeof(results), &n_hit_result, &state); + int thread_id = 0; + struct maat_state *state = maat_state_new(maat_instance, thread_id); + int ret = maat_scan_string(maat_instance, table_id, thread_id, scan_data, strlen(scan_data), + results, sizeof(results), &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], 182); maat_options_free(opts); - maat_state_free(&state); + maat_state_free(state); + state = NULL; maat_free(maat_instance); } @@ -221,15 +225,17 @@ TEST(redis_mode, maat_scan_string) { char scan_data[128] = "string1, string2, string3, string4, string5, string6, string7, string8"; long long results[5] = {0}; size_t n_hit_result = 0; - struct maat_state *state = NULL; - int ret = maat_scan_string(maat_instance, table_id, 0, scan_data, strlen(scan_data), - results, sizeof(results), &n_hit_result, &state); + int thread_id = 0; + struct maat_state *state = maat_state_new(maat_instance, thread_id); + int ret = maat_scan_string(maat_instance, table_id, thread_id, scan_data, strlen(scan_data), + results, sizeof(results), &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], 182); maat_options_free(opts); - maat_state_free(&state); + maat_state_free(state); + state = NULL; maat_free(maat_instance); }